Posted
by
Soulskill
on Wednesday March 27, 2013 @12:13AM
from the you-can-trust-us dept.

Fnord666 sends this quote from an article at Slate:
"Despite the pervasiveness of law enforcement surveillance of digital communication, the FBI still has a difficult time monitoring Gmail, Google Voice, and Dropbox in real time. But that may change soon, because the bureau says it has made gaining more powers to wiretap all forms of Internet conversation and cloud storage a 'top priority' this year. ... a 1994 surveillance law called the Communications Assistance for Law Enforcement Act only allows the government to force Internet providers and phone companies to install surveillance equipment within their networks. But it doesn't cover email, cloud services, or online chat providers like Skype. Weissmann said that the FBI wants the power to mandate real-time surveillance of everything from Dropbox and online games ('the chat feature in Scrabble') to Gmail and Google Voice. 'Those communications are being used for criminal conversations,' he said."

So are regular telephones, and cell phones, and Jitsi, and ICQ, and Yahoo Messenger, and AIM, and Jabber, and Google Talk, and Facetime, and Twitter, and even talking face to face. And let's not forget the U.S. Mail.

I think the premise would be OK if it wasn't for the fact that a library full of statutes of actions that could put you on the wrong side of the law exists. In terms of the law, are all transgressors - all it takes is a little time, to find the charge to level at you.

First rule of networking: assume that any and all conversations that take place over an electronic medium are recorded, and played back to a room filled with prosecutors / investigators hell-bent on finding something to charge you with.

Second rule of networking: assume this does not apply only to electronic mediums.

See, in a better world, your rights will be upheld. Good triumphs over evil through no sleight of the hand, but simply because it is the preferable course that nature should take. In reality, there is always one group of people out there that wants you to believe something as a constant, so they can work around it. Your belief in a right to privacy is the forbidden fruit in the garden of Eden to these types, and they covet eating it above all other things; eating it, and never telling you that it was eaten. It's simply too tempting a target! A blind spot, right there, for the taking. With everyone fooled into believing they have some rights to privacy, well, they'll never see the prosecution coming. And trial by ambush, while frowned upon in civilized courts, is sadly still a common occurrence in unenlightened areas of existence.

All that matters, in this life, at the end of the day, is that you die. That's the singular goal everyone is working towards. Widget A fits into Socket B, which creates Component C. On a higher dimension, you are, no doubt, moving in a straight line, to your finish.

One need only visit a traffic court, after receiving a traffic ticket, to understand the streamlining and efficiency of what, no doubt, goes on 'upstairs.' You are guilty from the moment you are charged, and only evidence of the highest objectivity will overturn that sealed conviction. And even then...some judges will refuse to look at the evidence! Mind you, the part about selling kids into modern day slavery, in my own current state of PA, has forced a closer look at some of these shenanigans...still, the way is hard, and long.

As I recall, steganography might not make you uninteresting to the authorities, because although the bits that get loaded with data might not be understood, there is a detectible difference between a picture, for example, that has hidden data and one that does not. If there is a reasonable suspicion that you're hiding something, presumably you can be compelled to give up the means of revealing it. That said, information can come in many guises. For example, in a MMORPG there might be significance in a chara

Which really makes you wonder if there're enough morons out there to justify the work. Or if, alternatively, they plan on skimping on warrants like they did with National Security Letters, and are just going to openly abuse their power this time.

Darn, I really thought I was correcting for a habitual typo there. Then again, that post shifts pronouns wildly, so I might've been more tired than I realised. Curiously, all of the other respondents silently corrected it, so I guess that could've at least been more awkward.

Also, congrats on the +5, Informative for being a stegosaurus. You can now join other stars like MobileTatsu-NJG and his world-famous +5, Informative "I like to lick butts" post.

Get enough of them going and it would be near impossible to filter out the noise.

I don't think you understand the way that these folks work. If you do that, they will just ask for more funds to be able to add more power to their listening-in operation. Oh, to do that, they need to raise your taxes just a touch.

WTF, have none of you heard of OTR (Off The Record) IM encryption? You can't use it through the gmail interface, but you can use Google's IM network (which uses the jabber protocol) with third party IM clients which support OTR. What passes through Google's servers is then encrypted gibberish.

And you should not be using this just when you want to have a secret conversation; you use it all the time so that anybody snooping understands that you disagree with the principle of snooping, even when you have nothing to hide.

I can hear the criminals conspiring. They are everywhere. They are conspiring in games of scrabble. They are even using mind rays to talk, and I can hear them. The only thing that makes them stop is the foil hat and the power of crystals.

That cause me to consider bringing email back home. I switched to gmail several years ago because running a mail server was just too much of a pain in the neck. Then again, maybe running my own smtp/pop server would make it easier to be eavesdropped on by the FBI and their ilk.

No matter if you use gmail or your own server, smtp with remote servers usually goes in plain text.

That is becoming less true. Many servers (including GMAIL's) support SMTPTLS. Unfortuanately, the lack of certificate validation (because few mailservers have signed certificates) makes them open to man-in-the-middle attacks, but not to simple packet sniffing.

Unfortuanately, the lack of certificate validation (because few mailservers have signed certificates) makes them open to man-in-the-middle attacks, but not to simple packet sniffing.

They're not just open to MitM attacks, they're trivially open them. This is because anyone and his uncle's dead dog's fleas can make a self-signed certificate and say anything in the signature on it. Well, provided they can stand working with the awful interfaces the tools for working with certificates have. (OpenSSL, how do I hate thee? Let me count the ways...)

On the other hand, SMTP servers aren't configured to listen to proxies so deploying the attack requires DNS poisoning or packet interception. It al

Do you really think an automated snooper cares if you throw mostly crap at it? It's not like they'd bother having sweatshops full of employees snooping on you manually. Computers have unlimited attention spans; I thought a/. poster would know better.

Since google apps is no longer offered free for domains, we started setting up own email hosting again for small website cients, and I don't think I would want to switch back again. I had bad memories from the past, but things are not bad at all these days. Online documentations are good, repositories are pretty complete and up to date, and open source webmail clients have vastly improved.

It is really a breath of fresh air to make your own decisions again. These decisions can range from allowing more

One that bounces any mail to you with a bounce message that says: "Please use this link to type in your message to me instead". That link would be to a web-based email interface on your own box. Or the bounce message could say, "Hey I am online right now", lets chat in real-time with this interface. Anyone who emails you more than once will use the link instead of trying email.Email needs to die anyway. Lets kill it with fire (ie. something that serves us better.)

The FBI has also learned that talking face to face us being used in nearly every criminal activity of two or more people (gangs). Henceforth all conversations must be recorded on your official government recorder, which will relay all conversations in real time.

Until you receive your recorder, refrain from I monitored conversations except in the designated monitored talking booths.

The FBI has also learned that talking face to face us being used in nearly every criminal activity of two or more people (gangs). Henceforth all conversations must be recorded on your official government recorder, which will relay all conversations in real time.

These government recorders are called OnStar (has been used to listen in) and cell phones (probably depending on the brand, but some apparently can be activated without user control).
- And that's why I only meet my people on a windy day at a stormy beach walking several feet into the sea with a symphony orchestra playing Beethoven while they are driving up and down the beach on two-stroke scooters tossing chain saws.

I know a non-tech type man who bought a car unaware that it had OnStar. He must've hit a button accidentally because a voice asks, "This is OnStar, how can I help you?"

"Who the hell are you?!"

"This is Matt from OnStar sir, how can I help you?"

"You can get the f**k out of my car, that's what!"

He drove right to the car dealer demanding OnStar be physically removed, not just deactivated, or cancel the deal. Some people pay good money for the OnStar 'feature', some wouldn't take it if you paid them.

You can have all the power in the world, but I am forced to strive to encrypt more precisely because of this approach. Honor the forth amendment, its words AND intent. Give me the paperwork, get the data. Demand to get the data without a piece of paper, I will blatantly act to encrypt. Pretend you have magic papers that cannot be argued against? Expect to find/no/ data.

Your paper is secret? So are my IM's/E-Mails/Twittered cock shots to my constituents.

One of those falls in to the legitimate realm of non warranted data access. Guess which one? This is not a hard problem if you don't have to contort yourself to answer it.

Just like *some* FBI/CIA/DHS/and other 3 letter acronym agents are criminals.

With that thought process, we should have 24 hour, open, video and audio recordings of every second of every government agent's life open to the public for the "good of the people" since if even ONE agent is a criminal, then they must all be criminals, isn't that the kindergarten mentality the FBI is using for this stunt?

FBI agents - go to the courts with your "suspicions" get yourself a fucking warrant, then go ask google and others to give you access.

Until then, keep the fuck out of our privacy. It's expected, and protected by the constitution of the United States - you know, that pesky little document you swore to uphold and defend, not mutilate and destroy.

Any FBI (CIA or other agency) agent that doesn't go along with this is a constitutional terrorist and should be sent to Gitmo with no chance of parole.

[Privacy] is expected, and protected by the constitution of the United States - you know, that pesky little document you swore to uphold and defend, not mutilate and destroy.

Actually, the constitution doesn't touch on privacy rights, however, the Bill of Rights does reflect some of the spirit of the right to privacy in the sense of freedom of speech (1); privacy of the home (3); privacy from searches and seizure (4); abuse of government authority and due process (V) -- however there is no amendment that specifically states a right to privacy.

I'd agree though that the judicial branch's interpretation of the Bill of Rights is grossly out of whack. While they extend the privacy o

Actually, from what I've seen, there are many people who seem to support things such as this. They're scared of nearly nonexistent threats and would rather give up everyone's freedoms than risk injury.

Then there's the fact that the government takes advantage of every disaster and many people, being 'irrational' due to said disasters, actively support the government's actions.

Rest assured- the NSA is already slurping unthinkable amounts of Internet traffic, and storing the results on various shadow-Google installations (massive database and search engine facilities using Google's hardware and software designs). What is happening here is that the FBI (and other public facing enforcement agencies) want to use such data openly in court. To do this, they have to pretend the intelligence gathering is not already happening (and has been for more than a decade), and will be implemented in the near future- 'legal' and above board.

Most of how the ordinary citizen is tracked is a national secret. For instance, almost no-one knows the extent to which motor vehicles are monitored by reading the RFID tags present in the rubber of the tires. Instead, the government works hard to make you think most tracking is done by (very visible) camera networks. The under-road RFID reading strips are 'invisible', and vastly more reliable and cheaper than the cameras. The cameras are mostly used to associate a license plate and/or vehicle image with the RFID 'fingerprint'.

The more data the state can grab about the sheeple, the more data it wants to grab. In the early part of the 20th century, there was a reluctance to create or properly fund 'intelligence' agencies, because it was found such agencies always grew like a cancer, and never recognised lines they would not cross. After WW2, with the rise of the cold war, all sides threw caution to the wind, and began this '1984' style nightmare. Before the age of the microprocessor, tech limitations prevented the 'tumors' from growing beyond a certain size. Now the amoral psychopaths these agencies employ desire all of us be placed under 24 hour surveillance.

Only new societal rules can now save us. An addition to the constitution, or a new Commandment. "Thou shall not pre-emptively spy upon a citizen for any reason or cause."

You will be told (by the monsters) that if you are innocent, you have nothing to fear, or a (massive) loss of privacy is a small price to pay for (maybe) improved law enforcement. Ordinary people (especially after schooling) are easily fooled by such arguments. The same ordinary people only finally appreciate the danger when everything goes wrong (you end up in a nation ruled by the Soviets or Nazis, for instance). People in ex-Nazi ruled, and then ex-Soviet ruled nations love to vote in freedom loving, privacy respecting governments- at least until they forget again (see Holland for a sad example of this phenomenon).

Michelin hopes manufacturers will pay a little more for tires with RFID transponders, because it makes the tires easier to track. The microchip stores the tire's unique ID, which can be associated with the vehicle identification number.

For the moment, the technology will be used solely to track tire usage in Moto2 and Moto3. Tiny RFID chips will be built into the official Dunlop tires during the manufacturing process, each programmed with a unique identifying code.Sensors in pit lane (shown in the photo here on the Dunlop website) will monitor when each tire leaves pit lane, and when they return. Using the database which maps which tires have been allocated to which riders, Dunlop can keep precise track of which tires have been used when, and for how long.

Anyway, it still feels a bit on the hatter side to think the government is currently monitoring who has what tires, but it is definitely something I could see it becoming interested in and something that could actually be done.

I thought the first paragraph was interesting. Then I thought the second paragraph sounded foilhatty. Then I googled "rfid tires" and the first article is almost a decade old:

It isn't the tires per se, its the tire pressure monitoring systems which are mandatory - manfucturers have two choices, one that broadcasts a unique id to the world around you and one that just pays attention to each wheel's rotation speed to detect changes in diameter due to changes in pressure.TPMS security problems [computerworld.com]

In pavement sensors? You know how hard those are to build? How easily damaged they are? In pavement sensors have huge negatives and costs associated with them. In fact almost all states are moving away from in pavement traffic detectors at intersections and moving entirely to radar and video detection. The only sensor I know of that's still installed in pavement is a weather and temperature sensor that is used to detect freezing conditions that facilitate black ice.

The majority of people would respond: "Well, if they say it'll make us safer, then that's what we have to do. We all have to do our part and sacrifice just a little bit if we want to be safe from terrorists".

Security researchers Biondi and Desclaux have speculated that Skype may have a back door, since Skype sends traffic even when it is turned off and because Skype has taken extreme measures to obfuscate their traffic and functioning of their program.[26] Several media sources have reported that at a meeting about the "Lawful interception of IP based services" held on 25 June 2008, high-ranking but not named officials at the Austrian interior ministry said that they could listen in on Skype conversations without problems. Austrian public broadcasting service ORF, citing minutes from the meeting, have reported that "the Austrian police are able to listen in on Skype connections".[27][28] Skype declined to comment on the reports.[29]

Americans at least should be outraged by this, as well as all of the other wiretapping bullshit that has gone on since the Patriot act. While I would guess that most Americans have no idea what 'mens rea' is, they should all understand the concept of innocent until proven guilty.

There is no reason for all of these Government agencies to have unlimited access to your personal life without a warrant. None what so ever. If you believe the propaganda and rhetoric, shame on you for being ignorant. Just think, in 7 months the new NSA super computers will be cracking away at your encryption as well, so even that won't be safe.

Combine the FBI, CIA, DHS, ATF, and FEMA resources and you have an army big enough to take on the US Military and more intelligence for a domestic war. Speaking of which, the DHS this year purchased 1.2 billion hollow point bullets (add in other Government agencies and you have over 2 billion rounds of killing bullets, not target bullets). Hmmm, still you find nothing odd with them snooping into _everything_ you do? How about the 1,300 armored vehicles they purchased last year by DHS? Still nothing? Anyone remember the 2011 defense spending bill with the clauses allowing indefinite detention of US citizens without warrant, trial, etc...? How about NSA, DHS, FBI, and CIA drone programs operating domestically? How about the lack of transparency in all of these agencies we were promised over 4 years ago by the then candidate now President, and before that by GWB? Anyone else know about why FEMA has been building dozens of "Relocation Camps" in the US? There is footage of one at least, but of course all of them are denied.

Look at all of that shit, then combine with the fact that the main stream media has become pure propaganda. Suddeny those conspiracy theories really don't seem so whacky do they? It's well passed the time when we should be waking up the neighbors, protesting for change, and voting in new leadership based on Socrates' principles and not politicians!

>> and voting in new leadership based on Socrates' principles and not politicians!

How you gonna do that when in politics all your choice is.. politicians that are all the same ?

I wonder if the people are aware of the fact that politicians, individually, aren't changing anything. And the whole system is made so people have power to choose politicians. But the politicians don't change the system.. the system is a movement, that keeps going in a certain direction.. fluidly. If you take events from the l

Ubiquitous Internet surveillance under color of national security: Because the Congressional exemption for Insider trading attracted too much attention, and prior knowledge of material information under seal of Top Secret is one helluva moat. Ka-CHING!

I briefly read the article, where does it say "without warrant"? it doesn't even mention warrants, but links to an older article about how Congress is working to make warrants a requirement for emails older than 180 days.

Avoiding due process. It means they can get hold of data, and you cannot prove they have it. One of the main games since 9/11 has been to gain more powers (laughingly labeled "emergency" powers) against far less oversight so abuse would no longer be an issue.

I think there should be no barrier against law enforcement access to information, provided the need is proven (read: no fishing expeditions) and there is a clean, clear and reliable audit trail which is accessible a while later (not immediately becaus

This is Slashdot which has a deep user base of highly skilled technical talent, hates what's happening to the Internet (etc.) via the U.S. Government (etc.), and collectively has the ability to do something about it.

Personally, I often find myself reading articles like this, and becoming very frustrated about it to say the least. The older I get, the more I have seen the encroaching government rules/laws/lack thereof which basically invalidates some of the most important parts of the Constitution. It's gone waaaaayyyy too far at this point, don't you think?

All of this has to be somewhat obvious and common in terms of how you feel when you read this. I don't think I am in the minority here, but I might be crazy.

With the long-winded intro above... there must be something we can do as a collective. There are a lot of great minds here, and a lot of talent which can out-think, and out-perform anything the government can come up with without breaking laws.

What we're lacking is organization, and a plan to do something about it. That could be anything from making sure the world knows what's happening, to creating secure means of communication, to outing politicians, and getting the media involved, to a lot of things we haven't thought of.

I'm ready for the neigh-Sayers, and the "it won't happen because...", but doing something is a lot better than watching this all happen and feeling helpless.

How do we organize? How can Slashdot come together to do something positive which stops this atrocious behavior by our governments?

Before we hear about how silly this idea is or how it won't ever work, who has actually tried on a somewhat large scale in terms of people?

I may be alone, but I am so tired of hearing about all the incredibly ridiculous things our government is doing to the people who pay for them to be there.

Well, it was worth a try... I'm ready to be shot down, but if I didn't say something, I'd just be a lemming like a good percentage of the clueless constituency.

Maybe the FBI should just require we record every form of communication 24/7.

If I remember correctly from the book 1984 [amazon.com], home TVs were used to monitor behavior. And if they were turned off for too long, it immediately flag you as suspicious. I think its time to just implement this.

If you can't see my rabid sarcasm in this post, you probably wouldn't object to my proposals anyways.